Security

Your resume, protected.

Every technical and operational choice we've made to keep your data safe.

Get JobeezySee it work

Encryption

  • At rest: AES-256 on DynamoDB and S3, managed through AWS KMS with per-environment keys.
  • In transit: TLS 1.3 on every edge; HSTS preload; certificate transparency monitoring.

Isolation

  • Per-user data is isolated via Cognito-authenticated scopes and user-scoped DynamoDB partition keys — cross-user reads are a structural impossibility, not a runtime check.
  • Backend services run least-privilege IAM roles; nothing has full-table read access.
  • No long-lived credentials in code or CI: every AWS interaction uses short-lived STS tokens.

LLM providers

  • Primary: Anthropic Claude under a zero-retention agreement — your data is not logged, cached, or used for training.
  • Fallback: OpenAI under the no-training API tier, invoked only when Anthropic is degraded.
  • No third-party foundation model ever receives raw identifiers; names, emails, and phone numbers are stripped before the LLM call.

Compliance

  • SOC 2 Type I — engaged, targeting 2026 Q3.
  • GDPR — data subject access, portability, and deletion implemented.
  • CCPA / CPRA — request portal at /legal/ccpa/.
  • DPA for B2B at /legal/dpa/.

Responsible disclosure

We run a private disclosure program. Email security@jobeezy.com with details (PGP-encrypted preferred). We acknowledge within 72 hours and fix critical issues within 7 days. Public disclosure welcome after a fix ships.

Incident history

No security incidents disclosed. We will update this page within 72 hours of detection of any qualifying event.

Get Jobeezy

Let Jobeezy apply for you while you live your life.

Free to start. No resume writing. No cover letters. We handle the search, the filter, and the apply — you just say yes to interviews.

Download on theApp Store Get it onGoogle Play Open in yourBrowser

Free on iPhone, Android, and web. You can delete your account in one tap.